FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
0 votes
96 views 0 comments
by anonymous
I have RUT955 as VPN Server 1 site and RUT200 as VPN Client 5 site

I try to set VPN site to site but only 1 site can connect to server. site 2-5 use the same Config as site 1 different only IP address

1 Answer

0 votes
by anonymous

Hello,

  

Make sure you are using OpenVPN with TLS authentification, as the Static key is only designed for P2P connections.

Additionally, if you are experiencing issues with TLS, make sure you either sign a different certificate for each RUT200 or enable the option Allow duplicate certificates. However, in this case, you make have difficulties reaching the LAN subnets of the RUT200, so signing a certificate for each RUT200 will be the easier option.

If you do not have the certificates generated yet, navigate to System → Administration → Certificates. Select the File type as Simple, and press Generate. Keep in mind, that initial certificates will take a while to finish generating (especially DH parameters).

After they are done generating, select the File type as Client, change the Key size to 2048, and give the first certificate a recognizable name (they will each be used on different RUT200). Then select the option to Sign the certificate, enter the validity period, and select the previously generated CA and CA key. Generate a different Client file for each RUT200.

After all of the certificates are generated, in the OpenVPN instance enable the option Certificate files from device and in the TLS Clients field add each RUT200, with the Common name being the name provided for each RUT200 cert during the generation.

Finally, download the generated certificates and upload them on the RUT200 devices.

If this does not help, please replicate the issue on the client and the server, generate a troubleshoot file from both (System → Administration → Troubleshoot), and attach them to the original post. It will only be visible to Teltonika moderators.

  

Best regards,
DaumantasG